hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-04 05:05:12 +02:00
Code Issues Packages Projects Releases Wiki Activity
18,206 Commits 1,741 Branches 166 Tags
a931c59a288f91a4e366bb3dfb85b18878e0deb2
Commit Graph

18206 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mathias Vorreiter Pedersen
8bd14c5af6 C++: Remove duplication-tests directory since we no longer detect duplication. 2020-11-24 10:10:31 +01:00
Erik Krogh Kristensen
f03429a4b8 change description for source root folder 2020-11-23 23:46:44 +01:00
CodeQL CI
9123f249ad Merge pull request #4705 from erik-krogh/bigString 
Approved by asgerf
 2020-11-23 22:40:42 +00:00
Erik Krogh Kristensen
33dab1717e treat nodes with type "Location" as a location source - but not if we can track it from an original node with type "Location" 2020-11-23 17:03:50 +01:00
Rasmus Lerchedahl Petersen
39c5e0d487 Python: update test expectations 2020-11-23 16:46:35 +01:00
Rasmus Lerchedahl Petersen
38bb06a207 Merge remote-tracking branch 'upstream/main' into python-dataflow-variable-capture 2020-11-23 16:40:20 +01:00
Tom Hvitved
129deb0a00 C#: Add change note 2020-11-23 16:09:33 +01:00
Tom Hvitved
cd77f14a75 C#: Rename getSourceDeclaration() to getUnboundDeclaration() 2020-11-23 16:09:33 +01:00
Geoffrey White
7015a9cf53 C++: Un-private a few classes that are now used by the current DefaultSafeExternalAPIFunction implementation. 2020-11-23 14:47:22 +00:00
Anders Schack-Mulligen
2cf10a7658 Merge pull request #4427 from aschackmull/java/fastjson 
Java: Add support for FastJson in unsafe deserialization.
 2020-11-23 14:40:14 +01:00
Erik Krogh Kristensen
f7f9beeefd avoid reporting empty names in js/exposure-of-private-files 2020-11-23 14:24:42 +01:00
Erik Krogh Kristensen
02d5fbf46b remove superfluous space 2020-11-23 14:22:16 +01:00
Rasmus Wriedt Larsen
9156163563 Merge pull request #4703 from github/hmakholm/pr/duplicate-code-2 
Remove unit tests for duplicate-code detection, take II
 2020-11-23 13:52:24 +01:00
Erik Krogh Kristensen
234730419b restrict computation of ConcatenationRoot::getConstantStringParts to results that are less than 1 million chars long 2020-11-23 10:29:47 +01:00
Tamás Vajk
7d38b2dd17 Merge pull request #4623 from tamasvajk/feature/csharp9-type-param-nullability 
C#: Add type parameter ref/value type tests
 2020-11-23 09:58:56 +01:00
Rasmus Lerchedahl Petersen
777100f25c Python: rename file, package, and class 2020-11-23 09:17:40 +01:00
Mathias Vorreiter Pedersen
a7644db762 C++: Use the new names in IR dataflow. Turns out DataFlowCall had its own implementation of getArgument already (which didn't handle qualifiers). The predicate wasn't used anywhere, so I simply removed it, as a better predicate is now available on the base class of DataFlowCall. 2020-11-21 01:00:59 +01:00
Mathias Vorreiter Pedersen
61bbceb201 C++/C#: Sync identical files 2020-11-21 00:55:07 +01:00
Mathias Vorreiter Pedersen
f173dc71c0 C++: Use shorter names for new IR predicates. This should hopefully guide users to use these predicates by default. 2020-11-21 00:54:50 +01:00
Geoffrey White
cc8d4b4c75 Merge branch 'main' into modelchanges2 2020-11-20 20:33:52 +00:00
Geoffrey White
fddd353155 C++: Updated autoformat. 2020-11-20 20:15:45 +00:00
Henning Makholm
a2a4938f60 Remove unit tests for duplicate-code detection, take II 
In #4689 I forgot to remove the `.expected` files too, but they are
now of course useless.
 2020-11-20 21:07:42 +01:00
Asger F
adc7bbfa4d Merge pull request #4694 from asgerf/js/flow-to-external-api 
JS: Add UntrustedDataToExternalAPI query
 2020-11-20 15:56:04 +00:00
Asger Feldthaus
f894cf2074 JS: Add support for react-hot-loader 2020-11-20 15:28:32 +00:00
Mathias Vorreiter Pedersen
6ead6c6d38 Merge branch 'main' into qualifier-as-parameter-for-callee 2020-11-20 16:17:10 +01:00
Tamas Vajk
0fa3cf7912 Simplify test predicates 2020-11-20 16:05:12 +01:00
Asger Feldthaus
16429c8ca4 JS: followed -> followed by 2020-11-20 14:44:25 +00:00
Mathias Vorreiter Pedersen
fd4f8c557c Merge branch 'main' into unsafe-use-of-this-query 2020-11-20 14:54:51 +01:00
Jonas Jensen
14aa6427ca Merge pull request #4696 from MathiasVP/get-result-memory-location-join-order-fix 
C++: Fix bad join order in AliasedSSA::getResultMemoryLocation
 2020-11-20 14:50:35 +01:00
Tamas Vajk
3e836ef671 C#: Add type parameter ref/value type tests 2020-11-20 13:08:38 +01:00
Tamás Vajk
77afd5a617 Merge pull request #4633 from tamasvajk/feature/csharp9-native-int 
C#: Add test cases for native integers
 2020-11-20 12:58:11 +01:00
Mathias Vorreiter Pedersen
c7efc91676 C++: Use the new predicates in IR dataflow. 2020-11-20 12:24:39 +01:00
Mathias Vorreiter Pedersen
f3b5d7b830 C++/C#: Sync identical files 2020-11-20 12:23:34 +01:00
Mathias Vorreiter Pedersen
416431a7c1 C++: Add convenience predicates for working with qualifiers as parameters. 2020-11-20 12:22:37 +01:00
Jonas Jensen
3342fac83e Merge pull request #4688 from criemen/printast-performance 
C++: Speed up PrintAST.
 2020-11-20 11:45:42 +01:00
Asger Feldthaus
7536c49c6f JS: Use getAParameter and not getReceiver instead of getASuccessor 2020-11-20 10:34:30 +00:00
Tamas Vajk
52680cd1dc C#: Add test cases for native integers 2020-11-20 11:31:20 +01:00
Asger F
405f07720a Apply suggestions from code review 
Co-authored-by: Max Schaefer <54907921+max-schaefer@users.noreply.github.com>
 2020-11-20 10:21:19 +00:00
Asger Feldthaus
b34df9ff33 JS: Autoformat 2020-11-20 10:15:35 +00:00
Cornelius Riemenschneider
1afd32c033 C++: Add comment, rename class. 2020-11-20 10:49:12 +01:00
yoff
b478a51d4e Apply suggestions from code review 
Thanks for doing the work for me :-)

Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2020-11-20 10:46:04 +01:00
Cornelius Riemenschneider
eeece5937d C++: One more speedup, address review. 2020-11-20 09:56:08 +01:00
Tamás Vajk
056b0c2627 Merge pull request #4626 from tamasvajk/feature/stats 
C#: Add stats file from the jenkins job
 2020-11-20 09:16:56 +01:00
Mathias Vorreiter Pedersen
490bba5c9f C++: Fix bad join order in AliasedSSA::getResultMemoryLocation. 2020-11-19 17:40:41 +01:00
Rasmus Lerchedahl Petersen
7cbbf3bbf7 Python: slightly nicer test 2020-11-19 16:20:57 +01:00
Asger Feldthaus
f737f34dcd JS: Add UntrustedDataToExternalApi query 2020-11-19 13:42:25 +00:00
Mathias Vorreiter Pedersen
2e6a3cd33b Merge branch 'main' into unsafe-use-of-this-query 2020-11-19 13:03:29 +01:00
Jonas Jensen
cd20163f6e Merge pull request #4676 from MathiasVP/untrusted-dataflow-to-external-api-query 
C++: Untrusted data used in external APIs
 2020-11-19 12:56:08 +01:00
Rasmus Lerchedahl Petersen
6cc8e5acf1 Python: support psycopg 2020-11-19 12:13:20 +01:00
Mathias Vorreiter Pedersen
072adaa279 C++: Require that no override of the called pure virtual function exists in any base class. This removes the false positive in the testcase. Based on the results on LGTM we have agreed to set the @precision to very-high. 2020-11-19 12:10:57 +01:00